I'm not aware of any blogging features of modsec, although I may be wrong.

If you are interested in blocking such requests, what you should really be looking at is blocking the request that caused the script to get on your server in the first place and not just looking at preventing the script from running - that would be treating the symptoms not the cause.

The only sensible options it to trawl through your Apache access logs, keeping an eye out for the request that caused the script to get on your server in the first place. This should help you find out which insecure script helped the file get on to your server.

Find the insecure script and fix it. If it is a distributed pacakge, such as a forum, consider upgrading to the latest version and consider perusing their forums for information pertaining to any insecurities. If it is a custom written script, ask the account owner to fix it, highlighting the security problems it presents.

If you fix an insecure script then an exploit attempt will fail and therefore any relevant modsec rules would be obsoleted.

You can search the forums or indeed the web for mod_security rules. If you don't have the knowledge to write some yourself (documentation on that modules site) then search the web for some pre-written ones.

That said, they most likely won't prevent the execution of such a script. As has been said, you need to find out how the script was uploaded to your server and fix that hole. If you don't know how, you'll need to hire a server administration who knows about such security issues.

f a cpanel system admin want a copy, i can send it..

Click to expand...

Nothing to do with cPanel and if you opened a support ticket with them through your cPanel license provider, I doubt you'd get much in the way of support as the issue has nothing to do with their product.

You can search the forums or indeed the web for mod_security rules. If you don't have the knowledge to write some yourself (documentation on that modules site) then search the web for some pre-written ones.

That said, they most likely won't prevent the execution of such a script. As has been said, you need to find out how the script was uploaded to your server and fix that hole. If you don't know how, you'll need to hire a server administration who knows about such security issues.

Nothing to do with cPanel and if you opened a support ticket with them through your cPanel license provider, I doubt you'd get much in the way of support as the issue has nothing to do with their product.

Click to expand...

I hired a system admin.

Do you know how to secure or encrypt user accounts password on servers?